I'm interested in creating an escrow smart contract using Plutus, where a seller stores an encryption key in the Datum and sells it for a price. The key should only be accessible to a buyer who pays the required price. Considering that data in the Datum is publicly visible on the blockchain, what strategies or methodologies could I use to securely store and transfer sensitive information like this within the constraints of Cardano's smart contract model?
1 Answer
Storing secrets on the blockchain is not possible. Also, transferring secrets is not advisable because doing it via blockchain means publishing it to everybody.
For any real world scenario, I can think of, this makes the blockchain unsuitable for this type of transactions.
Now, if you are fine with the blockchain only playing the role of witness, i.e. a ledger showing that a secret has changed owner, than you can implement a protocol that treats the hash of the secret as the value to be transferred. The actual secret would need to be transferred off-chain. Any dispute could use the blockchain as proof-of-transaction though.
You can take it one step further and implement the messaging channel for the transfer of the secret on-chain. You could have the buyer publish single-use public encryption keys that the seller uses to encrypt the secret. The encrypted secret would then be pushed to the blockchain in a transaction. With this solution, you can of course not prove on-chain that the actual secret that corresponds to the hash was published in the transaction. But in case of dispute, both parties could have the transfer of the secret verified by an arbiter to whom the buyer would disclose the private key corresponding to the used public key.
